An Updated ServHelper Tunnel Variant

James Quinn, Threat Researcher for Binary Defense Executive Summary Binary Defense Researchers discovered active Command and Control (C2) servers and a new version of ServHelper, a malicious Remote Desktop Protocol (RDP) backdoor program known to be used by the threat group TA505.  TA505 is a financially motivated threat group that has been active since at […]